﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Data;
using SapB1WebPOS.Utils;
using System.Text;

namespace SapB1WebPOS.DAL
{
    public class PermissionDAO
    {
        public string UpdateOnlineUserPermission(string companyDB, string userName, string purchaseOrder,
            string purchaseRequest, string salesQuotation, string salesOrder, string grpo, string pos)
        {
            try
            {
                DataSet ds = new DataSet("@USER");
                SQLConnection connect = new SQLConnection(companyDB);
                List<object> lstParamValue = new List<object>();
                lstParamValue.Add(purchaseOrder);
                lstParamValue.Add(purchaseRequest);
                lstParamValue.Add(salesQuotation);
                lstParamValue.Add(salesOrder);
                lstParamValue.Add(grpo);
                lstParamValue.Add(pos);
                lstParamValue.Add(userName);

                StringBuilder query = new StringBuilder();

                query.Append("UPDATE [@USER] SET ");
                query.Append(" U_PurchaseOrder = @Param1,");
                query.Append(" U_PurchaseRequest = @Param2,");
                query.Append(" U_SalesQuotation = @Param3,");
                query.Append(" U_SalesOrder =  @Param4,");
                query.Append(" U_GRPO =  @Param5,");
                query.Append(" U_WebPOS = @Param6");
                query.Append(" WHERE Code = @Param7");

                int count = connect.Execute_Non_Query(query.ToString(), lstParamValue);
                return count.ToString();
            }
            catch (Exception ex)
            {
                Log.WriteException(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType, "SystemError", ex);
                throw ex;
            }
        }
        public string OnlineUserChangePassword(string companyDB, string userName, string newPassword)
        {
            try
            {
                DataSet ds = new DataSet("@USER");
                SQLConnection connect = new SQLConnection(companyDB);
                List<object> lstParamValue = new List<object>();
                string passPhrase = "sapb1addon.com.@123456789()";
                newPassword = Utils.StringCipher.Encrypt(newPassword, passPhrase);
                lstParamValue.Add(newPassword);
                lstParamValue.Add(userName);
                int count = connect.Execute_Non_Query("UPDATE [@USER] SET U_Password = @Param1  WHERE Code =  @Param2", lstParamValue);
                return count.ToString();
            }
            catch (Exception ex)
            {
                Log.WriteException(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType, "SystemError", ex);
                throw ex;
            }
        }
        /// <summary>
        /// 
        /// </summary>
        /// <param name="companyDB"></param>
        /// <returns></returns>
        public DataSet GetAllOnlineUser(string companyDB)
        {
            try
            {
                DataSet ds = new DataSet("@USER");
                SQLConnection connect = new SQLConnection(companyDB);
                ds = connect.Excute_Query("SELECT * FROM [@USER]", null);
                return ds;
            }
            catch (Exception ex)
            {
                Log.WriteException(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType, "SystemError", ex);
                throw ex;
            }
        }
        /// <summary>
        /// 
        /// </summary>
        /// <param name="companyDB"></param>
        /// <returns></returns>
        public DataSet GetOnlineUserByUserName(string companyDB, string userName, string passWord)
        {
            try
            {
                DataSet ds = new DataSet("@USER");
                SQLConnection connect = new SQLConnection(companyDB);
                List<object> lstParamValue = new List<object>();
                lstParamValue.Add(userName);
                ds = connect.Excute_Query("SELECT * FROM [@USER] WHERE Code =  @Param1", lstParamValue);

                if (ds != null && ds.Tables.Count > 0 && ds.Tables[0].Rows.Count == 1)
                {
                    if (ds.Tables[0].Rows[0]["U_Password"].ToString().Length > 0)
                    {
                        string passPhrase = "sapb1addon.com.@123456789()";
                        passWord = Utils.StringCipher.Encrypt(passWord, passPhrase);
                        if (passWord == ds.Tables[0].Rows[0]["U_Password"].ToString())
                        {
                            return ds;
                        }
                        else
                        {
                            return null;
                        }
                    }
                    else
                    {
                        if (userName == passWord)
                        {
                            return ds;
                        }
                        else
                        {
                            return null;
                        }
                    }
                }
                else
                {
                    return null;
                }

            }
            catch (Exception ex)
            {
                Log.WriteException(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType, "SystemError", ex);
                throw ex;
            }
        }
    }
}